On Mon, 15 Mar 2010 16:32:16 +0100, Frank Becker <computersachen@xxxxxxxxxxxxx> wrote: > Hi all, > > I'm using squid on Debian Lenny and use it as a porno-filter. It works > fine. I now want to use a whitelist because there are sites which are > banned by my filterlist but these sites are ok. > > So I created an acl whitelist and allowed access of course. But it > doesn't work. > > Below there is the segment of my squid.conf. Please, can someone help me > to whitelist some sites? > > Best regards and many thanks in advance > > Frank > > > Here are my rules: > acl our_networks src 192.168.100.0/24 > acl blacklist_domains dstdomain "/etc/squid/blacklist_domains" > acl blacklist_regexp dstdom_regex -i "/etc/squid/blacklist_regexp" > acl whitelist dstdomain "/etc/squid/whitelist" > acl blacklistuser src 192.168.100.2-192.168.100.209 > 192.168.100.221-192.168.100.225 > acl manager proto cache_object > > acl admins proxy_auth "/etc/squid/admins" > acl users proxy_auth REQUIRED > http_access allow manager admins > http_access deny manager > http_access allow users .. .authenticated users have unlimited access... > > http_access deny manager > http_access allow purge localhost > http_access deny purge > http_access deny !Safe_ports > http_access deny CONNECT !SSL_ports > http_access allow whitelist ... sites on the whitelist are accessible by anyone on the planet ... > http_access deny blacklist_domains > http_access deny blacklist_regexp ... certain domains are blocked ... > http_access allow our_networks ... the LAN can get to anything not blocked above. > http_access deny all > > > The whitelist contains: > *.openshotvideo.com > *.sexnsurf.de * is not valid in a domain name. The dstdomain wildcard pattern is just this: .openshotvideo.com .sexnsurf.de Amos
